Hacker News
How Georgia doxed a Russian hacker (and why it matters) (arstechnica.com)
86 points by shawndumas on Nov 2, 2012 | 18 comments

It's quite funny and genius. The article says that the malware used by Georgia is not specified, but from the original PDF report it's clear that they used his own exploit to attack him!

From PDF: "then gave Cyber Attacker Fake ZIP Archive with his own virus inside and the name “Georgian-Nato Agreement”."

It was possible because they already had access to his C&C servers.

For me, this matters less because of "what chance do the rest of us have?" and more about implications for so-called "hack back" initiatives and the thorny problem of attribution. I don't have access to the evidence that the Georgia CERT does, of course, but their analysis goes far beyond using a webcam and geolocating an IP address.

It's interesting that somebody that isn't a military organization or law enforcement (strictly speaking) comes out and admits that they infiltrated the exfiltration with their own malware. The idea has been around a long time but they had pretty good results, apparently!

Well, to anyone who can comprehend that .pdf research in full, it will be crystal clear that this hacker CANNOT be working for the Russian government. He must have had his own personal reasons, likely scouting for classified info, but it can hardly be defined as a "government attack" based on his (below average) skill level, his surroundings and physical location.

I don't think a judgement can be made at this point as to whether he was or was not working in collaboration with some form of Russian gov.

I picture a somewhat disorganized system of Russian gov. employees sometimes working together and other times in opposition.

The Wikipedia article about the Russian FSB mentions certain internal groups spying on one another. It wasn't that long ago when federal agencies like the CIA and FBI were at odds and spying on each other.

Could very well be a co-optee which the KGB used to do a lot in the past and presumably the FSB is no different.

Let's be honest, no sensible Russian is going to say no to the FSB if they ask for a favor.

WTF is doxing?

This is not so much doxxing as a 21st Century Wanted Poster.

You haven't been to reddit lately :)

So, what's next? Will the world start buying computers and phones without webcams? Seems like stories concerning malevolent webcam usage come up about every six months.

Why stop buying laptops with webcams when applying a $0.01 piece of tape over it is all that is required if you're worried about it?

There's also the standard built-in microphone. The best option is to disassemble the laptop, remove the webcam hardware, and clip the leads to the mic, detaching it from the motherboard. If you need a webcam, use an external one.

Don't forget to pee in Mason jars so they can't harvest your precious bodily fluids!

Seriously though, paranoid much?

So... peeing in Mason jars is a sign of paranoia?

Maybe. Unless you're a long-haul trucker trying to shave some time, but those are typically plastic bottles.

Or I suppose some extended coding sessions? I can't imagine a real need for such extreme tactics but who am I to say it doesn't happen.

Older webcams (and a few modern ones built into laptops) used to come with a physical privacy shield -- a shutter you could move to block the camera when it wasn't in use. I like the idea.

Webcams are a very small part of this hack.

Tape something over the lens so you can flip it up when you want to use the camera.
